The pioneers of the cryptocurrency smart wallet ecosystem, in one article

Wallets are the starting point for large-scale application of blockchain, and many of them are adopting smart contracts and other technologies to lower the threshold for users to keep private keys. Set aside private keys and mnemonics: you need a smart wallet.

Written by: Xiang Xiang Yao, researcher at MYKEY

Peter Schiff, a well-known stockbroker who lost his bitcoin, is not happy. He tweeted about Bitcoin, sparking a heated debate, and many people attacked him just as many people attacked Bitcoin.

If, as Peter Schiff said, he really did not misremember the password, how did this loss happen? Bugs in wallet software, mobile phone viruses, and even a deep disk cleanup can all lead to the loss of the files that store the private key. The phone itself may also be broken or lost. In any of these cases, if the user has never backed up the private key, the money can never be recovered.

"You should copy the private key on paper. There are three safe places! Encryption is encryption. You are responsible for yourself!" This is how many people demonstrated the cryptocurrency community's ethos of self-reliance to Peter Schiff. However, Vitalik Buterin, co-founder of Ethereum, thinks this is wrong: this circle can and must provide better and more secure wallets. So what kind of wallet is better for ordinary people? Let us start from the beginning.

What is a wallet?

Simply put, a wallet is a key management tool, a blockchain browser and an application portal in one.

  • Key management tools

The key (private key) is the user's credential for accessing the blockchain network. Every operation on the blockchain is verified against the user's private key through a method called a digital signature. The private key is the user's private information and needs to be kept safely on the user's own device. Once leaked, it puts the account at risk. A wallet needs to help users manage their private keys: first, it must keep the private key secure; second, it must make sure signing is done safely.

  • Blockchain browser

The user's asset information and all operation records are recorded on the blockchain. The wallet accesses the blockchain and parses the raw data into a user-readable format, for example asset balances, images of in-game equipment, or badges for attending events. The wallet is the UI layer of the blockchain.

  • Application center

There are a large number of decentralized applications on the blockchain, including DeFi financial applications, games and so on. The wallet is the entrance to these applications. Like an app store for the blockchain, it handles application distribution.

Barriers to blockchain applications

Without a wallet, one cannot be called a blockchain user. The wallet should be the ticket that lets ordinary people enter the blockchain world. Today, however, wallets have become a major bottleneck that restricts user growth and limits the large-scale application of blockchain. In summary, the reasons are as follows.

  • Key management difficulties

Most users have only just become accustomed to the Internet's account and password system and are already dazed by complex password rules, but at least they can use their mobile phone numbers to retrieve their passwords. In the blockchain world, the private key is the only permission. If it is forgotten, it is forgotten. If it is stolen, it is stolen. There is no chance for regret.

Current wallets either leave users holding their own private keys, known as ordinary wallets, or have a third party take custody of user assets. In the second case users do not own the private keys of the assets, but instead hold an account with the custodian.

The vast majority of users are unwilling to bear the risk of losing a private key that cannot be retrieved, so they will not use ordinary wallets in which they hold their own private keys. They choose escrow wallets or exchanges to keep their digital assets instead, which means they cannot experience the full functionality of the blockchain world and also have to take on more risk. In other words, a secure and easy-to-use key management mechanism is a necessary condition for users to manage assets independently and enter the blockchain world.

  • Complex network costs

There is a fee for using the blockchain. This is not a problem. The question is how to charge.

Different blockchains bill in different ways, closely tied to their underlying consensus and economic model. For example, every Bitcoin transaction needs to set a certain BTC-denominated fee. Ethereum eventually translates each transaction into a set of opcodes, each of which consumes a certain amount of gas, and the transaction must set a price per unit of gas; the total gas consumed and the gas price determine the final fee, which is priced in ETH. EOS divides resources into computing resources (CPU), network resources (NET) and storage resources (RAM): users stake EOS to rent CPU and NET but must use EOS to buy RAM, and EOS also provides a resource leasing platform, REX, through which users can directly purchase the right to use resources for a certain period.

This article will not discuss the advantages and disadvantages of the different resource models because the topic is too complicated. For ordinary users, these billing rules are bewildering. Can't the blockchain simply be used? An easy-to-understand payment model that matches user habits is an important condition for lowering the threshold for using the blockchain.

  • Scattered multi-chain accounts

Users may hold assets on different chains and need to use applications on multiple blockchains. In the traditional model, users need to create accounts on different chains and manage the private keys of these accounts separately. The BIP 39 protocol allows private keys on different public chains to be generated from a single seed. This method does protect user privacy, in that identities on multiple chains cannot be matched by their public keys, but on the other hand it is clearly not conducive to cross-blockchain authentication and asset transfer. Unified management of multi-chain accounts is a feasible path to cross-chain operation.

Crossing the Barriers of the Blockchain

To address the inconvenience that key management, network fees and multi-chain accounts cause users, many practitioners have proposed useful solutions for the industry.

At the key management level, solutions represented by TEE and hardware wallets improve the security of the storage medium; solutions based on multi-signature, secret sharing and threshold signatures spread out permissions and reduce single points of risk; and Ethereum has also proposed EIP-2429, designed to introduce social recovery features.

In terms of network fees, the meta-tx and ERC865 proposals (drafts) respectively provide solutions for having network fees paid on the user's behalf and for using ERC20 tokens to pay network fees.

At the multi-chain account level, the BIP 39/44 protocol supports using one seed to derive private keys on multiple chains. Mainstream multi-chain wallets currently adopt this scheme. However, whether escrow wallets or ordinary wallets, traditional digital wallets struggle to strike a balance between security and ease of use.

What is a smart wallet

The origin of the term "smart wallet" cannot be traced, but Vitalik Buterin has argued at various events and in articles that the smart wallet is a tool for promoting the large-scale application of blockchain.

The "smart" in smart wallet is not the "intelligence" of artificial intelligence; it means the wallet is based on "smart contracts". In simple terms, the user's assets are no longer controlled entirely by one private key, but by a smart contract, a program deployed on the blockchain. For example: which keys can control the account's money, is there a daily limit, can the account be frozen, and can it be restored? This logic need not rely on the base layer of the blockchain; it can rely on smart contracts to define and divide permissions.

The advantage is that risk is no longer highly concentrated and users are allowed to make a reasonable number of mistakes: even if the user accidentally leaks or loses the paper holding the private key, there are ways to keep the account secure or to restore it.

A smart wallet is software that accesses a blockchain account based on a smart contract. The user's account is a smart contract on the blockchain. The smart wallet securely stores the user's private key locally, provides access to the blockchain, builds digital signatures, and carries out transfers and uses blockchain applications by interacting with the corresponding smart contract account. Smart wallets are intended to lower the barriers to using the blockchain and to seek a balance between security and ease of use.

The differences between smart wallets and managed wallets and ordinary wallets are as follows:

Typical smart wallets

Which players are currently competing in the smart wallet space? What are their respective characteristics and advantages? Based on public information, we selected three smart wallets with a large user base for analysis: Argent, Monolith, and MYKEY.

  • Argent

Argent is a UK-based company that provides Ethereum-based smart wallets. Argent requires a mobile phone number and email address at registration to verify user identity. At the account management level, users cannot export the private key, and the private key is strictly bound to the device, while migration to a new device is allowed.

Argent introduces a Guardians mechanism that lets users appoint relatives, friends, hardware wallets or Argent Guard as "guardians". The Guardian mechanism enables account recovery: more than half of the Guardians can assist the user in locking, unlocking and recovering the wallet.

At the asset management level, transfer limits can be set. Large transfers are either delayed or completed immediately with the assistance of Guardians. Private keys cannot be exported, replacing the device must rely on Guardians, and Argent Guard authenticates users via mobile phone / email. Within reasonable use, there is no need to pay for gas.
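The account rules described above (a spending key that can be replaced, a daily limit, locking, and recovery by more than half of the guardians), modelled off-chain as an added example. It is not Argent's contract code; the class and method names are hypothetical, and the delayed path for large transfers is left out.

```python
# Added illustration: an off-chain model of smart-wallet account rules.
# SmartAccount, PolicyError and every method name are hypothetical.
class PolicyError(Exception):
    """Raised when an operation violates the account's rules."""

class SmartAccount:
    def __init__(self, owner, guardians, daily_limit, balance):
        self.owner = owner                # key currently allowed to spend
        self.guardians = set(guardians)   # keys allowed to lock and recover
        self.daily_limit = daily_limit
        self.balance = balance
        self.locked = False
        self.spent = {}                   # day -> amount already sent

    def _majority(self, approvers):
        # "More than half" of the guardians; unknown approvers are ignored.
        valid = self.guardians & set(approvers)
        return len(valid) * 2 > len(self.guardians)

    def transfer(self, signer, amount, day, approvers=()):
        if self.locked:
            raise PolicyError("account is locked")
        if signer != self.owner:
            raise PolicyError("signer is not the current owner key")
        if amount <= 0 or amount > self.balance:
            raise PolicyError("invalid amount")
        total = self.spent.get(day, 0) + amount
        # Above the daily limit, a guardian majority must co-approve.
        if total > self.daily_limit and not self._majority(approvers):
            raise PolicyError("daily limit exceeded without guardians")
        self.spent[day] = total
        self.balance -= amount
        return self.balance

    def set_lock(self, locked, approvers):
        # Guardians can freeze or unfreeze the account but never spend.
        if not self._majority(approvers):
            raise PolicyError("guardian majority required")
        self.locked = locked

    def recover(self, new_owner, approvers):
        # A lost or leaked key is swapped out; the assets never move.
        if not self._majority(approvers):
            raise PolicyError("guardian majority required")
        self.owner, self.locked = new_owner, False
        return self.owner
```

The point of the model is that the old key stops working the moment `recover` succeeds, so a leaked key is a recoverable event rather than a total loss, while the guardian set becomes the new asset to protect.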

  • Monolith

Monolith is a London company. Monolith allows users to set whitelisted addresses, daily transfer limits, daily fee limits, and more. Users can export private keys and keep them independently, but Monolith has no account recovery mechanism.

In terms of fees, Monolith uses a prepaid model: users need to top up ETH into a Gas Tank to pay for gas costs that may be incurred in the future.

In addition, EU members are allowed to bind their accounts to a MasterCard savings card for offline payments.

  • MYKEY

MYKEY is based on the KEY ID protocol. The KEY ID protocol divides account permissions into management permissions and operation permissions. Management permissions can only modify account permissions. Operation permissions can be used to perform transfers and other operations.

MYKEY allows users to export the management private key (recovery code). The operation private key cannot be exported, but it can be synchronized to a new device. In addition, MYKEY Lab is by default an emergency contact for real-name users and can assist them with operations such as account recovery.

In terms of fees, MYKEY provides a certain free quota, and free usage can be targeted at specific applications. For example, users who meet the conditions can enjoy up to 4 free Ethereum transfers per month. Once these are used up, users need to top up or earn network fees by taking part in activities in order to continue.

  • Comparison of common smart wallets

Based on different application scenarios and target users, the three wallets have their own characteristics, each with its own advantages in terms of security and ease of use:

Smart wallets in a broad sense

Is the "smart wallet" the only way forward in the wallet space? Some non-smart wallets also let users manage their private keys better while still guaranteeing user autonomy, and can restore accounts through social networks or trusted third-party services. Wallets using this approach include HTC Zion, ZenGo, Torus, and more.

  • HTC Zion

HTC Zion is HTC's custom mobile wallet. The Zion wallet has two special features: (1) the wallet is pre-installed on the phone, and the private key is protected by the TEE throughout its life cycle; (2) a social recovery function is introduced, in which the private key is distributed to trusted friends for safekeeping to avoid the problem of losing it. When a user loses their phone or forgets their password, they can request recovery from their emergency contacts. After a certain number of emergency contacts agree, the private key can be retrieved.

  • ZenGo

ZenGo uses threshold signatures and biometrics to lower the threshold for users to keep private keys. In simple terms, ZenGo stores one private key on the client side and another private key on the server side. When sending a transaction, the user produces a partial signature locally and sends it to the server, and signature aggregation is used to construct the final transaction.

The ZenGo client's private key is encrypted with another key and uploaded to the cloud (such as iCloud) for storage. That encryption key is stored with a third-party face-recognition security provider. When a user loses their phone, they need to pass the provider's face verification and can then decrypt the private key stored in the cloud.

  • Torus

Torus is dedicated to key management and uses a publicly verifiable secret sharing (PVSS) scheme to host private keys across different trusted institutions. When the user loses the private key, the user submits a recovery request, and each trusted institution releases its share of the private key after verifying the user's identity. When enough trusted institutions approve, the private key can be recovered.

Although these wallets do not use smart contract technology, they still use new technology to lower the threshold for users to keep private keys, and may be called "smart wallets" in a broad sense.

To sum up

The new era is calling us. Forget the private key and the mnemonic: smart wallets can make it easier for users to use the blockchain. The three smart wallets mentioned in this article are already open for user registration, and everyone can download and try them. The download addresses are as follows:

  • Argent: https://www.argent.xyz/
  • Monolith: https://monolith.xyz/
  • MYKEY: https://mykey.org/